Compliance

05.22.2018

What are the steps to ISO certification? Our assessors have completed assessments against several International Organization for Standardization (ISO) standards, and can provide your organization with insights into the process for achieving ISO certification. Choosing the Appropriate ISO Certification Standard: Organizations can comply with many different ISO certification standards, depending on the specific needs and […]

03.26.2018

What does it mean to be committed to quality? Through our quality assurance process, team, and accreditations, A-LIGN ensures that your organization receives a quality report that meets the guidelines set by the relevant audit standard. Our reports satisfy third-party inquiries and exceed customer expectations by upholding the highest standard of work.

03.15.2018

Your client requested a SOC report, but what’s next? For organizations seeking a SOC 1, SOC 2, or ISAE 3402, there are two attestation options available: Type 1 and Type 2. Additionally, a readiness assessment can be performed to prepare your organization for the attestation.

03.05.2018

About Microsoft SSPA Attestation: The Microsoft Supplier Security and Privacy Assurance Program (SSPA), formerly known as the Vendor Privacy Assurance Program, is an initiative designed to standardize and strengthen how Microsoft’s customer, partner, and employee information is handled by Microsoft vendors worldwide.

02.27.2018

What is the FFIEC Cybersecurity Assessment Tool? In response to the current cybersecurity landscape, the Federal Financial Institutions Examination Council (FFIEC) has developed the Cybersecurity Assessment Tool (Assessment).

02.20.2018

The American Institute of Certified Public Accountants (AICPA) recognizes the growing demand for transparency and strengthened controls within multifaceted risk environments. The SOC 2 framework continues to improve the security measures that should be implemented to protect organizations against emerging threats.

02.14.2018

SECURETexas was created per Texas House Bill 300 in 2011 to help covered entities in Texas demonstrate that they have met privacy and security standards to reduce regulatory penalties, mitigate risk, and increase business partner and consumer confidence in the protection of protected health information (PHI).

02.08.2018

A-LIGN, a global cybersecurity, cyber risk and privacy, and compliance firm, has announced the successful completion of the Service Organization Control (SOC) 2 Type 2 audit for its GRC software, A-SCEND.

02.06.2018

As the data breach landscape in the healthcare industry evolves, so do organizations and their compliance with regulatory requirements. Doing ‘nothing’ to protect healthcare data is no longer an acceptable approach for small healthcare entities.